[191628] in North American Network Operators' Group
Re: Krebs on Security booted off Akamai network after DDoS attack
daemon@ATHENA.MIT.EDU (=?utf-8?q?J=C3=B6rg?= Kost)
Fri Sep 23 21:10:29 2016
X-Original-To: nanog@nanog.org
From: "=?utf-8?q?J=C3=B6rg?= Kost" <jk@ip-clear.de>
To: "Patrick W. Gilmore" <patrick@ianai.net>
Date: Fri, 23 Sep 2016 21:30:43 +0200
In-Reply-To: <C3E81DD5-E2A8-428B-B90B-92E18CD9119F@ianai.net>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Yes, they do (or advertise):
https://support.cloudflare.com/hc/en-us/articles/200170216-How-large-of-a=
-DDoS-attack-can-CloudFlare-handle-
J=C3=B6rg
On 23 Sep 2016, at 21:26, Patrick W. Gilmore wrote:
> Is CloudFlare able to filter Layer 7 these days? I was under the =
> impression CloudFlare was not able to do that.
>
> There have been a lot of rumors about this attack. Some say =
> reflection, others say Layer 7, others say .. other stuff. If it is =
> Layer 7, how are you going to =E2=80=98step in front of the cannon=E2=80=
=99? Would =
> you just pass through all the traffic?
>
> I realize Matthew is always happy for publicity (hell, the whole =
> planet is aware of that). But if your system cannot actually do the =
> required task, I=E2=80=99m not sure your company should give you credit=
for =
> offering a service the user cannot use.
>
> -- =
> TTFN,
> patrick
>
>> On Sep 23, 2016, at 3:16 PM, Justin Paine via NANOG <nanog@nanog.org> =
>> wrote:
>>
>> FWIW, we have offered to help. No word so far. We're more than =
>> willing
>> to step in front of the cannon pointed his way.
>>
>> ____________
>> Justin Paine
>> Head of Trust & Safety
>> CloudFlare Inc.
>> PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D
>>
>>
>> On Fri, Sep 23, 2016 at 11:58 AM, Marcin Cieslak <saper@saper.info> =
>> wrote:
>>> On Fri, 23 Sep 2016, jim deleskie wrote:
>>>
>>>> They were hosting him for free, and like insurance, I can assure =
>>>> you if you
>>>> are consistently using a service, and not covering the costs of =
>>>> that
>>>> service you won't be a client for long. This is the basis for =
>>>> AUP/client
>>>> contracts and have been going back to the days when we all offered =
>>>> only
>>>> dialup internet.
>>>
>>> Does being a victim of a DDoS constitute a breach of AUP?
>>>
>>> Marcin Cie=C5=9Blak
>
